Linux under SSH remote Connection service Slow solution

1. The applicable order and scheme are as follows:
"Remote Connect and Execute command"
Ssh-p22[Email protected]
Ssh-p22[Email protected]/sbin/ifconfig
"Remote copy: Push and Pull"
scp-p22-r-p/etc[Email protected]:/tmp/
Scp-p22-r-P[Email protected]:/tmp// etc
"Secure FTP feature"
sftp-oport=22[Email protected]
"No password Authentication scheme"
For example, use Sshkey to bulk distribute files and perform deployment operations.

2, the main reason for the slow connection is that DNS resolution causes
Workaround:

The most common reason is that the sshd of the server goes to DNS to find the hostname that accesses the client IP, which can take a lot of time if the DNS is unavailable or there are no related records.

1. Add your native IP and hostname to the/etc/hosts file on the server

2. Change the configuration in the/etc/ssh/sshd_config file on the SSH server to the following:

Usedns no# GSSAPI optionsgssapiauthentication No

The gssapiauthentication parameter is used for Kerberos authentication, and for the vast majority of people, it is not possible to use this authentication mechanism, so be careful to stop them.

Then, perform/etc/init.d/sshd restart restart the sshd process so that the above configuration takes effect, the connection is generally not slow.

3, if it is slow, check the SSH server/etc/hosts file, 127.0.0.1 the corresponding host name and
Uname-n the same result, or add native IP and hostname (uname-n result) to/etc/hosts.

3, the use of Ssh-v debugging function to find the cause of slow
In fact, you can use the following command to debug why the slow details (learning this idea is very important).

[[email protected] ~]# ssh -v [email protected]openssh_5.3p1, openssl  1.0.0-fips 29 mar 2010debug1: reading configuration data /etc/ssh/ssh_ configdebug1: applying options for *debug1: connecting to 192.168.2.15  [192.168.2.15] port 22.debug1: connection established.debug1: permanently_set_ Uid: 0/0debug1: identity file /root/.ssh/identity type -1debug1: identity  file /root/.ssh/id_rsa type -1debug1: identity file /root/.ssh/id_dsa  type -1debug1: Remote protocol version 2.0, remote software  Version openssh_4.3debug1: match: openssh_4.3 pat openssh_4*debug1: enabling  compatibility mode for protocol 2.0debug1: Local version string  Ssh-2.0-openssh_5.3debug1: ssh2_msg_kexinit sentdebug1: ssh2_msg_kexinit receiveddebug1: kex: server->client  aes128-ctr hmac-md5 nonedebug1: kex: client->server aes128-ctr hmac-md5  nonedebug1: ssh2_msg_kex_dh_gex_request (1024<1024<8192)  sentdebug1: expecting  Ssh2_msg_kex_dh_gex_groupdebug1: ssh2_msg_kex_dh_gex_init sentdebug1: expecting ssh2_msg_ kex_dh_gex_replythe authenticity of host  ' 192.168.2.15  (192.168.2.15) '  can ' t  be established. Rsa key fingerprint is ca:18:42:76:0e:5a:1c:7d:ef:fc:24:75:80:11:ad:f9. are you sure you want to continue connecting  (yes/no)?  yes======= > Here is an interactive hint that prompts you to save the key. warning: permanently added  ' 192.168.2.15 '   (RSA)  to the list of  Known hosts.debug1: ssh_rsa_verify: signature correctdebug1: ssh2_msg_newkeys sentdebug1: expecting ssh2_msg_newkeysdebug1: ssh2_msg_newkeys receiveddebug1:  ssh2_msg_service_request sentdebug1: ssh2_msg_service_accept receiveddebug1:  Authentications that can continue: publickey,passworddebug1: next authentication  method: publickeydebug1: Trying private key: /root/.ssh/identitydebug1:  Trying private key: /root/.ssh/id_rsadebug1: trying private key: /root/.ssh /id_dsadebug1: next authentication method: password[email protected] ' S password: =======> here is an interactive hint that prompts for a password. debug1: authentication succeeded  (password). debug1: channel 0: new [ client-session]debug1: entering interactive session.debug1: sending  Environment.debug1: sending env lang = en_us. Utf-8last login: tue sep 24 10:30:02&nbsP;2013 from 192.168.2.13 can determine where the card is when it is slow to connect remotely. [[email protected] ~]# ssh -v [email protected]openssh_5.3p1, openssl  1.0.0-fips 29 mar 2010debug1: reading configuration data /etc/ssh/ssh_ configdebug1: applying options for *debug1: connecting to 192.168.2.18  [192.168.2.18] port 22.debug1: connection established.debug1: permanently_set_ Uid: 0/0debug1: identity file /root/.ssh/identity type -1debug1: identity  file /root/.ssh/id_rsa type -1debug1: identity file /root/.ssh/id_dsa  type 2debug1: Remote protocol version 2.0, remote software  version openssh_5.3debug1: match: openssh_5.3 pat openssh*debug1: enabling  Compatibility mode for protocol 2.0debug1: local version string ssh-2.0-openssh_5.3debug1: ssh2_msg_kexinit sentdebug1: ssh2_msg_kexinit  Receiveddebug1: kex: server->client aes128-ctr hmac-md5 nonedebug1: kex:  client->server aes128-ctr hmac-md5 nonedebug1: ssh2_msg_kex_dh_gex_request (1024 <1024<8192)  sentdebug1: expecting ssh2_msg_kex_dh_gex_groupdebug1: ssh2_msg_kex_dh_ gex_init sentdebug1: expecting ssh2_msg_kex_dh_gex_replydebug1: host  ' 192.168.2.18 '  is known and matches the rsa host key.debug1: found key  in /root/.ssh/known_hosts:2debug1: ssh_rsa_verify: signature correctdebug1:  ssh2_msg_newkeys sentdebug1: expecting ssh2_msg_newkeysdebug1: ssh2_msg_newkeys  receiveddebug1: ssh2_msg_service_request sentdebug1: ssh2_msg_service_accept  Receiveddebug1: authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,passworddebug1: next  authentication method: gssapi-keyexdebug1: no valid key exchange  Contextdebug1: next authentication method: gssapi-with-mic

The above configuration does not match the discovery card to gssapi this. You probably know it's a gssapi problem.

In fact, the Linux System Optimization section should optimize the SSH service here.

This article is from "Operation and maintenance record Mei Ling" blog, please be sure to keep this source http://meiling.blog.51cto.com/6220221/1622468

Linux under SSH remote Connection service Slow solution